There have been recent changes to the guidelines for the use of SSL Encryption by the Certification Authority/Browser (CAB) Forum, and these changes likely affect the types of certificates used and the security of your network. During this webinar you'll learn how the CAB Forum issued guidelines affect your business and the issuance of SSL certificates, changes associated with the issuance of certificates and risks and vulnerabilities from failure to comply with the guideline changes.
Please join Brian Trzupek, Vice President of SSL Managed Identity at Trustwave, as he discusses these changes and their potential long-term implications.
ECC ist der modernste Verschlüsselungsalgorithmus, der beim Schlüsselaustausch und der Authentifizierung mit den Protokollen SSL und TLS zum Einsatz kommt.
ECC wird RSA voraussichtlich ablösen, da der explosionsartige Anstieg der Mobilgerätenutzung und der Kommunikation zwischen Maschinen (M2M) sowie die Entwicklung des Internet der Dinge die Grenzen der Skalierbarkeit des derzeitigen Standardalgorithmus RSA übersteigen.
Die Zuverlässigkeit und Leistung von ECC sind inzwischen klar erwiesen. Die größte Hürde für den Einsatz des Algorithmus ist mangelnde Kompatibilität mit vorhandener Technik. Deshalb hat Symantec Hybrid-SSL-Zertifikate mit ECC und RSA entwickelt. Mit diesen Zertifikaten können Sie Ihre bisherigen Infrastrukturinvestitionen weiterhin nutzen und gleichzeitig Kompatibilitätsprobleme vermeiden.
In diesem Webcast erfahren Sie,
welche Vorteile ECC in puncto Sicherheit, Zuverlässigkeit und Kapazität bietet,
wie die Zertifikatskette eines Hybrid-SSL-Zertifikats mit ECC und RSA aussieht und
wie Sie ein solches Zertifikat beantragen.
ECC is the latest encryption algorithm used for key exchange and authentication purposes in the SSL/TLS protocols.
ECC is expected to replace RSA (current standard) as the scalability of RSA has become too limited to deal with the explosion of the number of mobile devices, machine-to-machine (M2M) communications and the development of the IoT (internet of the things).
The reliability and performance of ECC no longer needs to be demonstrated. However, a significant obstacle to the adoption of ECC lies on the lack of compatibility for such algorithm. This is why we have created ECC/RSA hybrid SSL certificates, allowing you to protect your current infrastructure investment while mitigating potential compatibility issues at the same time.
Join us in this webcast and find out:
-what are the main benefits of ECC in terms of strength, reliability and capacity
-how ECC/RSA hybrid certificate chains work
-what is the enrolment process
Managing a secure SSL environment is getting complex. Recent industry standards and security vulnerabilities required IT to migrate from SHA-1 to SHA-2 hash algorithm, find alternatives for certificates with non-fully-qualified domain (FQDN) names and replace certificates impacted by the Heartbleed vulnerability. In addition, initiatives like Google’s “HTTPS everywhere” or always-on SSL on Google search may increase the deployment of SSL certificates in an organization. All these changes add to the challenges of managing SSL certificates.
In the meantime, IT managers have to continue to provide optimal system performance to meet their users’ needs while staying within their budget.
Attend this exclusive webinar to:
- Discover recent changes and challenges with SSL certificate management
- Learn how you can minimize time and resources in monitoring and managing SSL certificates with Symantec Certificate Intelligence Center (CIC)
- Find out how you can optimize the performance of SSL encryption and decryption with the A10 Thunder Application Delivery Controller (ADC) from A10 Networks
Craig Spiezle will talk about the foundation of online trust and the benefits of having the entire online user experience protected with a best practice security measure for websites, called Always on SSL. We will also touch on other best practices.Read more >
Combating Advanced Cyber-threats grows more challenging every day. Cyber criminals are cloaking their attacks within Secure Sockets Layer (SSL) traffic, knowing very well that perimeter security devices are blind to their exploits.
Despite solving the dilemma that all of your network security devices can have the ability to scrutinize SSL traffic with the right tools in place, the issue of maintaining user privacy is the next concern. How can you inspect SSL traffic for threats while maintaining the privacy of employee online banking, healthcare, and shopping transactions?
Increased SSL usage causes new headaches for IT security. Monitoring and enforcing compliance with internal and external standards for acceptable use of SSL encryption is difficult at best and needs to be able to look at ALL SSL traffic, not just port 443. Implementation of weak encryption keys and sub-par cipher suites often give organizations a false sense of security.
This workshop will provid Decision Makers and Security Practitioners with the knowledge to equip existing security devices to inspect SSL traffic and maintain high performance capabilities, while maintaining user privacy and enforcing SSL-usage standards, with a common criteria certified device.
Don’t miss this opportunity to learn more.
Last year brought a lot of news about government snooping and public attacks against certain encryption and hash algorithms. These developments should concern anyone that values data privacy.
View this recorded session with the Online Trust Alliance and Akamai Technologies to discover the current best practices in securing your website and internal infrastructure. Learn how to implement Always on SSL (AOSSL) and Perfect Forward Secrecy (PFS) to better secure your data.
Join us to learn:
· How to implement AOSSL and PFS in your environment
· What precautions you need to take to protect your website and intranet infrastructure
Learn how to reduce the cost of managing your SSL certificates.Read more >
Australia June 25th 1.30 pm
New Zealand June 25th 3.30 pm
Singapore June 25th 11.30 am
Shanghai June 25th 11.30 am
Taiwan June 25th 11.30 am
Hong Kong June 25th 11.30 am
To protect yourself, your network and your business, you must understand the big picture. Please join us for this webinar in which we’ll prepare you for the upcoming changes in SSL certificate security.
Most importantly, learn how you can minimize the negative impact of Google's SHA-1 deprecation plan on your business, in addition to other important security news.
What we’ll cover:
1) Google's SHA-1 deprecation plan for December 2015
2) CA/B Forum Baseline Requirements, Non-FQDN & gTLD changes
3) Security threats that you should be on the lookout for
Als Sicherheitsspezialist sind Sie ständig auf der Hut vor externen Bedrohungen. Die heutige dynamische, komplexe Infrastruktur führt aber auch zu vielen internen Sicherheitsverletzungen aufgrund falscher Konfiguration von IT-Ressourcen, wie etwa SSL. Um zu einem sichereren Umgang mit diesem Verschlüsselungsprotokoll beizutragen, hat Qualys das Forschungsprojekt SSL Labs ins Leben gerufen, das zwei Hauptprobleme im Sicherheits-Ökosystem angehen will: fehlende Tools und fehlende Dokumentation. Besuchen Sie einen neuen Webcast von Qualys, um sich über den aktuellen Stand der SSL-Verschlüsselung zu informieren und zu erfahren, was gegen die gravierenden Probleme getan werden kann. Verpassen Sie nicht diese wichtigen aktuellen Informationen zu SSL, die Ihnen Ressourcen und entscheidende Schritte zur Erhöhung Ihrer Sicherheit aufzeigen.Read more >
As a security professional, you are on constant alert for external threats. But many breaches are caused internally by incorrect configuration of IT resources, including SSL. To help improve how encryption is used, Qualys created a research project called SSL Labs to address two major problems of the ecosystem: lack of tools and documentation.Read more >
Join us on Jan 29, 2015 to learn how SafeNet Luna HSMs integrate with Palo Alto Networks Firewall Platforms to protect the integrity of the SSL communications.Read more >
Transport layer security using SSL has become the cornerstone of secure internet communications. We ingrain the importance of HTTPS into our developer’s psyche and we train our customers to seek out the assurance of padlocks in the browser, but how well do we really understand SSL? In this session we’ll look at patterns of insufficient transport layer security and how even in the presence of SSL, web applications are often left vulnerable due to simple oversights and misunderstandings about the risks it’s there to protect against. We’ll also delve into a unique set of challenges posed in the mobile app world, challenges which are frequently misunderstood and leave many mobile apps vulnerable to simple attacks.Read more >
Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), are cryptographic protocols that provide communication security over the Internet. Both SSL and TLS use asymmetric cryptography for authentication of key exchange, symmetric encryption for confidentiality and message authentication codes for message integrity. In this presentation, Anthony J. Solano - Chief Technology Officer at UKI will explore the fundamentals of the protocol and give visual examples of how it is implemented. Through the analysis of high profile hacks, Mr. Solano will reveal system vulnerabilities and explore how existing countermeasures address the attackers. The presentation will conclude with actionable steps to help lock down your personal and organization’s vulnerable attack surface.Read more >